信任链

信任链，或称数字证书链，是一连串的数字证书，由根证书为起点，透过层层信任^[1]，使终端实体证书的持有者可以获得转授的信任^[2]，以证明身份。基于信息安全的考虑，在进行电子商务或使用政府服务时，交易的另一方用户，以根证书为基础，凭藉对签发机构的信任，相信当时持有信任链终端的证书持有者确为其人，并透过公开密钥加密确保通讯保密、透过数位签章确保内容无误、以及保证对方无法抵赖。

公开密钥基础建设已经在X.509及RFC 5280指定了使用信任链的认证路径验证算法^[3]。其中，会透过证书吊销列表及OCSP检查手上得到的证书是否已被凭证机构在到期前撤消。另一方面，凭证机构签发新的证书时，也可能透过证书透明度公布签发证书的记录，让公众查核，避免有其他机构在未得到当事人同意下滥发欺诈证书伪冒身份。CA/浏览器论坛通过了DNS证书颁发机构授权协议，参与的凭证机构会在签发证书前透过域名系统检查是否已获授权。

背景

在互联网中，任何机构都可以登记域名以设立服务器，供大众连接沟通并进行电子商务或使用政府服务。虽然公开密钥加密可以确保通讯保密、数位签章可以确保内容无误、以及保证对方无法抵赖；但如果数字证书未获得可供信任的数字证书认证机构数位签章（即自签凭证），对方的真实身份仍然可疑^[4]（除非通讯双方早已互相认识并预先透过安全渠道交换数字证书）。数字证书认证机构在公开密钥加密基建担任了非常重要的角色，电脑软件安装并信任了其根证书，根据其私钥签发的下层证书都可（基于数位签章）被自动信任，如果是中介证书，则再下层的终端实体证书也一样被自动信任，此即构成了一条信任链^[5]。

参考资料

↑ How certificate chains work. Symantec （英语）. A certificate chain is an ordered list of certificates, containing an SSL Certificate and Certificate Authority (CA) Certificates, that enable the receiver to verify that the sender and all CA's are trustworthy. The chain or path begins with the SSL certificate, and each certificate in the chain is signed by the entity identified by the next certificate in the chain. ^{[永久失效链接]}
↑ 数位凭证：你能相信誰？. 趋势科技全球技术支持与研发中心. 2015-05-14 [2017-07-17] （繁体中文（中国台湾））. 我们在网路上可以信任谁或什么？每台连到网路的电脑都包含可信任的根CA列表。这些根CA签发的凭证可以用来为其他CA或服务器签章凭证。任何凭证都需有一个“信任链”，让系统看到它所信任的任何一个根凭证。
↑ RFC 5280. IETF （英语）. In general, a chain of multiple certificates may be needed, comprising a certificate of the public key owner (the end entity) signed by one CA, and zero or more additional certificates of CAs signed by other CAs. Such chains, called certification paths, are required because a public key user is only initialized with a limited number of assured CA public keys. 缺少或|url=为空 (帮助)
↑ Secure Website Certificate. Mozilla. [2017-07-17]. An https web site is only secure to the extent that the web site is operated by someone in contact with the person who registered the domain name, and the communication between you and the website is encrypted to prevent eavesdropping. No other surety is implied. When you visit a secure website, Firefox will validate the website’s certificate by checking that the certificate that signed it is valid, and checking that the certificate that signed the parent certificate is valid and so forth up to a root certificate that is known to be valid. This chain of certificates is called the Certificate Hierarchy.
↑ 链结信任与凭证授权单位. 微软开发者网络. 凭证是在阶层中创建的，其中每个个别凭证都会链接到核发凭证的 CA。此链接连至 CA 的凭证。接着，CA 的凭证会链接至核发 CA 原始凭证的 CA。在找到根 CA 的凭证之前，会一直重复这个程序。根 CA 的凭证在本质上会受到信任。数位签章会借由信任此阶层 (也称为“信任链结”(Chain of Trust)) 来验证实体。您可以使用 MMC 嵌入式管理单元来检视任何凭证的链结，只要按两下任何凭证，然后按一下 [凭证路径] 索引标签即可。

[1] How certificate chains work. Symantec （英语）. A certificate chain is an ordered list of certificates, containing an SSL Certificate and Certificate Authority (CA) Certificates, that enable the receiver to verify that the sender and all CA's are trustworthy. The chain or path begins with the SSL certificate, and each certificate in the chain is signed by the entity identified by the next certificate in the chain. ^{[永久失效链接]}

[2] 数位凭证：你能相信誰？. 趋势科技全球技术支持与研发中心. 2015-05-14 [2017-07-17] （繁体中文（中国台湾））. 我们在网路上可以信任谁或什么？每台连到网路的电脑都包含可信任的根CA列表。这些根CA签发的凭证可以用来为其他CA或服务器签章凭证。任何凭证都需有一个“信任链”，让系统看到它所信任的任何一个根凭证。

[3] RFC 5280. IETF （英语）. In general, a chain of multiple certificates may be needed, comprising a certificate of the public key owner (the end entity) signed by one CA, and zero or more additional certificates of CAs signed by other CAs. Such chains, called certification paths, are required because a public key user is only initialized with a limited number of assured CA public keys. 缺少或|url=为空 (帮助)

[4] Secure Website Certificate. Mozilla. [2017-07-17]. An https web site is only secure to the extent that the web site is operated by someone in contact with the person who registered the domain name, and the communication between you and the website is encrypted to prevent eavesdropping. No other surety is implied. When you visit a secure website, Firefox will validate the website’s certificate by checking that the certificate that signed it is valid, and checking that the certificate that signed the parent certificate is valid and so forth up to a root certificate that is known to be valid. This chain of certificates is called the Certificate Hierarchy.

[5] 链结信任与凭证授权单位. 微软开发者网络. 凭证是在阶层中创建的，其中每个个别凭证都会链接到核发凭证的 CA。此链接连至 CA 的凭证。接着，CA 的凭证会链接至核发 CA 原始凭证的 CA。在找到根 CA 的凭证之前，会一直重复这个程序。根 CA 的凭证在本质上会受到信任。数位签章会借由信任此阶层 (也称为“信任链结”(Chain of Trust)) 来验证实体。您可以使用 MMC 嵌入式管理单元来检视任何凭证的链结，只要按两下任何凭证，然后按一下 [凭证路径] 索引标签即可。

[1]

[2]

[3]

[4]

[5]